Weaknesses of type CWE-22

4,857 results
CVE-2025-3722NONEA path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an authenticated high privileged user to issue EPSS 0.2%CVE-2026-42549MEDIUMFlight: Path traversal in `make:controller` CLI creates arbitrary directories outside project rootEPSS 0.2%CVE-2026-20653MEDIUMA parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.7.5 and iPadOSEPSS 0.2%CVE-2024-42187MEDIUMHCL BigFix Patch Download Plug-ins are affected by path traversal vulnerabilityEPSS 0.2%CVE-2026-58302HIGHrtapi_app in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library moduleEPSS 0.2%CVE-2026-43965MEDIUMPath Traversal in build/packages/packages.toml Allows Arbitrary Directory DeletionEPSS 0.2%CVE-2022-50956MEDIUMWordPress Plugin amministrazione-aperta 3.7.3 Local File ReadEPSS 0.2%CVE-2026-32685MEDIUMPath Traversal in gleam docs build via documentation.pages Allows Arbitrary File Read and WriteEPSS 0.2%CVE-2026-28486MEDIUMOpenClaw 2026.1.16-2 < 2026.2.14 - Path Traversal (Zip Slip) in Archive Extraction via Installation CommandsEPSS 0.2%CVE-2026-9789HIGHNitroSense V3: Security Vulnerability InformationEPSS 0.2%CVE-2026-42881HIGHSTIGQter: Arbitrary File Write leading to Local Code Execution via Export HTMLEPSS 0.2%CVE-2026-41530MEDIUMThe automatic folder creation feature of Lhaz and Lhaz+ provided by Chitora soft contains a path traversal vulnerability. When the affected EPSS 0.1%CVE-2025-31248MEDIUMA parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.5, mEPSS 0.1%CVE-2026-7875CRITICALNanoClaw Host/Container Filesystem Boundary Vulnerability via Outbound Attachment HandlingEPSS 0.1%CVE-2025-20277LOWCisco Unified Contact Center Express Path Traversal VulnerabilityEPSS 0.1%CVE-2026-43989HIGHJunoClaw: upload_wasm accepted arbitrary filesystem paths without validationEPSS 0.1%CVE-2026-35254MEDIUMVulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported versions that is affected is 3.77. Easily exploitaEPSS 0.1%CVE-2026-32061MEDIUMOpenClaw < 2026.2.17 - Arbitrary File Read via $include Directive Path TraversalEPSS 0.1%CVE-2026-3223HIGHZip Slip leading to Arbitrary File Write and Privilege Escalation in Google Web DesignerEPSS 0.1%CVE-2026-55878HIGHSymfony: Path Traversal in symfony/ux-toolkit Allows Arbitrary File Write and Read via Crafted Recipe ManifestEPSS 0.1%